Full_Name: Pierangelo Masarati
Version: HEAD/re24
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (188.153.31.111)
Submitted by: ando
meta_back_is_candidate() marks as candidate any target whose suffix is
subordinate to the search request when the request has "subtree" scope. This in
principle can give false positives and could also give false negatives.
However, that piece of code is always exploited with a "subtree" scope,
regardless of the actual scope of the search. As a consequence, only false
positives can occur (which is harmless but may result in unnecessary activity).
The function meta_back_is_candidate() has been fixed to correctly manage all
conditions; when called during a search request, the actual scope is used, to
make sure only actual candidates are considered by search operations.
p.